Electronic communication of information has become commonplace. Today, information, including sensitive information, regarding individuals, businesses, and other entities, can be communicated electronically between devices. For example, computers, cellular phones, smart cards, and other electronic devices can be utilized to electronically communicate information between users. Further, devices, like smart cards, can be utilized to provide a digital signature or other authentication information that can reasonably identify the user of the smart card and can provide certain information regarding the user and/or can enable the user to sign electronic documents (e.g., legal documents) in a secure manner.
With regard to the electronic communication of sensitive information, encryption/decryption techniques can be utilized to protect such information from being accessed by undesired persons (e.g., attackers, hackers). For example, public key encryption can be utilized to secure information electronically communicated between devices. For example, when sending a message, an entity can utilize a public key, which can be published and made available to users, to encrypt the message data. The encrypted message can be sent to a recipient, who can utilize a private key, which can be known to the recipient but not others, so that the encrypted message data can be decrypted and the message can be perceived in a usable form.
However, undesired persons can take measures to attempt to learn or decrypt secure data and/or the private key that was used to encrypt the data. For example, attackers can attempt to collect side-channel information (e.g., power consumption information, electromagnetic information, fault information, etc.) associated with a device when executing a cryptographic process in order to learn the private key or other security measures utilized to secure the data. Attacks using such side-channel information can include simple power analysis (SPA) attacks, differential power analysis (DPA) attacks, differential fault analysis (DFA) attacks, and electromagnetic analysis (EMA) attacks, for example. When such undesired persons gain unauthorized and undesired access to the information of a user, it can result in financial hardship, emotional hardship, and/or other harm to the user.
It is therefore desirable to maintain the security of information communicated electronically, including securing data from side-channel attacks. Further, while countermeasures can be employed to minimize the risk of unauthorized access to information, it is desirable that such countermeasures be manageable on electronic devices, including portable electronic devices (e.g., cellular phones, smart cards).